FS#5913 - security vulnerability in tar
Attached to Project:
Arch Linux
Opened by Roman Kyrylych (Romashka) - Wednesday, 29 November 2006, 14:29 GMT
Opened by Roman Kyrylych (Romashka) - Wednesday, 29 November 2006, 14:29 GMT
|
Details
report:
http://archives.neohapsis.com/archives/fulldisclosure/2006-11/0344.html
patch: https://savannah.gnu.org/bugs/download.php?file_id=11327 (tar-mangling.patch) keescook (2kB - text/x-patch - disable GNUTYPE_NAMES by default, add --allow-name-mangling) exploit is available too ;) |
This task depends upon
Closed by Tobias Powalowski (tpowa)
Wednesday, 29 November 2006, 19:24 GMT
Reason for closing: Fixed
Wednesday, 29 November 2006, 19:24 GMT
Reason for closing: Fixed